<?php
/*
+--------------------------------------------------------------------------
|   AffiliStore 2
|   ========================================
|   Web: http://www.affilistore.com
|   Email: admin (at) affilistore (dot) com
|	License Type: AffiliStore 2 is NOT open source software and limitations apply 
|   Licence Info: Visit AffiliStore website and click on 'Licence'
+--------------------------------------------------------------------------
*/
if (eregi(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) || eregi(".inc.php",$_SERVER['PHP_SELF'])) {
	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
	exit;
}


mysql_select_db($database, $databaseConnect);

// get install directory
$getInstallDir = mysql_query("SELECT value FROM affiliSt_config WHERE name = 'installDir'");
$installDir = mysql_fetch_assoc($getInstallDir);

// get navigation options
$getNavOpt = mysql_query("SELECT value FROM affiliSt_config WHERE name = 'navOptions'");
$navOpt = mysql_fetch_assoc($getNavOpt);
$navOpt = explode(":", $navOpt['value']);

// check for FULLTEXT index
$indquery = mysql_query("SHOW INDEX FROM affiliSt_products1 FROM $database");
$indcount = 0;
while($indrow = mysql_fetch_assoc($indquery)) {
$indtype = $indrow["Index_type"];
	if($indtype == "FULLTEXT") {
	$indcount = 1;
	}
}

$currentPage = $_SERVER["PHP_SELF"];
// get product options
$getPPerPage = mysql_query("SELECT value FROM affiliSt_config WHERE name = 'prodPerPage'");
$pPerPage = mysql_fetch_assoc($getPPerPage);
$pPerPage = explode(":", $pPerPage['value']);
if (isset($_GET['ps']) || isset($_GET['pc']) || isset($_GET['pb']) || isset($_GET['nc']) || isset($_GET['nb']) && !isset($_GET['news'])) {
	$maxRows_product = $pPerPage[1];
} else if (isset($_GET['pid'])) {
	$maxRows_product = $pPerPage[5];
} else {
	$maxRows_product = $pPerPage[0];
}

$pageNum_product = 1;
if (isset($_GET['pageNum_product'])) {
  $pageNum_product = $_GET['pageNum_product'];
}
$pageNum_product = $pageNum_product-1;
$startRow_product = $pageNum_product * $maxRows_product;

// sort by...
if (isset($_COOKIE['sortby'])) {
	if (!isset($_GET['ps']) && $_COOKIE['sortby'] == 'ORDER BY relevance DESC') {
	$sortby = 'ORDER BY prodPrice ASC';
	} else {
	$sortby = $_COOKIE['sortby'];
	}
} else {
	if (!isset($_GET['ps'])) {
	$sortby = 'ORDER BY prodPrice ASC';
	} else {
	$sortby = 'ORDER BY relevance DESC';
	}
}
if (isset($_POST['sortPrice'])) {
setcookie("sortby", $_POST['sortPrice'], time()+3600, "/", $_SERVER['SERVER_NAME'], 0);
$sortby = $_POST['sortPrice'];
}


	
	//------------ begin switch page type options ------------//
	
	// ---------- prod category
	switch ($_GET['case']) {
	case "products":
	$query_product = sprintf("SELECT * FROM affiliSt_products1 WHERE prodCategory = %s $sortby",
	quote_smart(str_replace("-", " ", $_GET['pc'])));
	break;
	
	// ---------- prod brand
	case "subproducts":
	$query_product = sprintf("SELECT * FROM affiliSt_products1 WHERE prodCategory = %s AND prodBrand = %s $sortby",
	quote_smart(str_replace("-", " ", $_GET['pc'])),
	quote_smart(str_replace("-", " ", $_GET['pb'])));
	break;
	
	// ---------- prod page
	case "product":
		// use merchant product ids
		if ($navOpt[12] == 1) {
		$theprodID = 'merchantProdID';
		} else {
		$theprodID = 'dbProdID';
		}
	$query_product = sprintf("SELECT * FROM affiliSt_products1 WHERE prodDB = %d AND $theprodID = %s",
	quote_smart($_GET['proddb']),
	quote_smart($_GET['pid']));
	break;
	
	// ---------- search
	case "search":
	if ($_GET['ps'] == NULL) { header("Location: ".$installDir['value']); }
	// get keywords
	$pieces = explode(" ", strip_tags($_GET['ps']));
	$kp = count($pieces);
	// reset pieces
	$pluspieces = '';
	for ($pi=0;$pi<$kp;$pi++) {
	$pluspieces .= $pieces[$pi].' ';
	}
	$pluspieces = rtrim($pluspieces, " ");
	// output search results
	$extracondition = '';
		if (isset($_GET['pscat'])){
		$extracondition .= " AND prodCategory = ".quote_smart($_GET['pscat'])."";
		}
		if (isset($_GET['pslow'])){
		$extracondition .= " AND (prodPrice BETWEEN ".quote_smart($_GET['pslow'])." AND ".quote_smart($_GET['pshigh']).")";
		}
	if ($indcount == 0) {
	$query_product = "SELECT *, ( (1.3 * (MATCH(prodName) AGAINST (".quote_smart($pluspieces)." IN BOOLEAN MODE))) + (0.6 * (MATCH(prodDescription,merchant,prodCategory,prodBrand) AGAINST (".quote_smart($pluspieces)." IN BOOLEAN MODE))) ) AS relevance FROM affiliSt_products1 WHERE ( MATCH(prodName,prodDescription,merchant,prodCategory,prodBrand) AGAINST (".quote_smart($pluspieces)." IN BOOLEAN MODE) ) $extracondition HAVING relevance > 0 $sortby";
	} else {
	$query_product = "SELECT *, MATCH (prodName,prodDescription,prodBrand,prodCategory) AGAINST (".quote_smart($pluspieces).") AS relevance FROM affiliSt_products1 WHERE MATCH (prodName,prodDescription,prodBrand,prodCategory) AGAINST (".quote_smart($pluspieces).") $extracondition HAVING relevance > 0 $sortby";
	}
	break;
	
	// ---------- built nav top
	case "categories":
	// get top level built nav data
	$sql = sprintf("SELECT * FROM affiliSt_categories WHERE id = %s",
	quote_smart($_GET['nc']));
	$getNavC = mysql_query($sql, $databaseConnect) or die(mysql_error());
	$navC = mysql_fetch_assoc($getNavC);
	// redirect if no result
	if ($navC['name'] == NULL) {
	header("HTTP/1.1 301 Moved Permanently");
	header("Location: {$installDir['value']}");
	}
	// and/or search <- disabled
	if ($navC['searchType'] == 0) {
	$searchType = 'OR';
	} else {
	$searchType = 'AND';
	}
	// explode keywords
	$pieces = explode(",", $navC['keywords']);
	$kp = count($pieces);
	// cols to search
	$searchCols = explode(":", $navC['searchCols']);
	for ($i = 0; $i < $kp; $i++) {
	$searchMerchant = array();
		if ($searchCols[0] == 1) {
		$searchMerchant[0] = " merchant LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[0] = '';
		}
		if ($searchCols[1] == 1) {
		$searchMerchant[1] = " merchantProdID LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[1] = '';
		}
		if ($searchCols[2] == 1) {
		$searchMerchant[2] = " prodName LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[2] = '';
		}
		if ($searchCols[3] == 1) {
		$searchMerchant[3] = " prodBrand LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[3] = '';
		}
		if ($searchCols[4] == 1) {
		$searchMerchant[4] = " prodCategory LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[4] = '';
		}
		if ($searchCols[5] == 1) {
		$searchMerchant[5] = " prodDescription LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[5] = '';
		}
		if ($searchCols[6] == 1) {
		$searchMerchant[6] = " prodPromoText LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[6] = '';
		}
		if ($searchCols[7] == 1) {
		$searchMerchant[7] = " extraFieldA LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[7] = '';
		}
		if ($searchCols[8] == 1) {
		$searchMerchant[8] = " extraFieldB LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[8] = '';
		}
		if ($searchCols[9] == 1) {
		$searchMerchant[9] = " extraFieldC LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[9] = '';
		}
		if ($searchCols[10] == 1) {
		$searchMerchant[10] = " extraFieldD LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[10] = '';
		}
		if ($searchCols[11] == 1) {
		$searchMerchant[11] = " extraFieldE LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[11] = '';
		}
	$handler .= rtrim($searchMerchant[0].$searchMerchant[1].$searchMerchant[2].$searchMerchant[3].$searchMerchant[4].$searchMerchant[5].$searchMerchant[6].$searchMerchant[7].$searchMerchant[8].$searchMerchant[9].$searchMerchant[10].$searchMerchant[11], ".$searchType.");
		if ($i != $kp-1) {
		$handler .= " ".$searchType." ";
		} else {
		$handler .= ") AND (prodPrice BETWEEN ".$navC['priceFrom']." AND ".$navC['priceLimit'].") ";
		}
	}
	// negative keywords
	if ($navC['negkeywords'] != '') {
	$pieces = explode(",", $navC['negkeywords']);
	$kp = count($pieces);
	// cols to search
	$negSearchCols = explode(":", $navC['negSearchCols']);
	$searchType = 'AND';
	$handler .= "AND ";
		for ($i = 0; $i < $kp; $i++) {
		$negSearchMerchant = array();
			if ($negSearchCols[0] == 1) {
			$negSearchMerchant[0] = " merchant NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[0] = '';
			}
			if ($negSearchCols[1] == 1) {
			$negSearchMerchant[1] = " merchantProdID NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[1] = '';
			}
			if ($negSearchCols[2] == 1) {
			$negSearchMerchant[2] = " prodName NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[2] = '';
			}
			if ($negSearchCols[3] == 1) {
			$negSearchMerchant[3] = " prodBrand NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[3] = '';
			}
			if ($negSearchCols[4] == 1) {
			$negSearchMerchant[4] = " prodCategory NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[4] = '';
			}
			if ($negSearchCols[5] == 1) {
			$negSearchMerchant[5] = " prodDescription NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[5] = '';
			}
			if ($negSearchCols[6] == 1) {
			$negSearchMerchant[6] = " prodPromoText NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[6] = '';
			}
			if ($negSearchCols[7] == 1) {
			$negSearchMerchant[7] = " extraFieldA NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[7] = '';
			}
			if ($negSearchCols[8] == 1) {
			$negSearchMerchant[8] = " extraFieldB NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[8] = '';
			}
			if ($negSearchCols[9] == 1) {
			$negSearchMerchant[9] = " extraFieldC NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$searchMerchant[9] = '';
			}
			if ($negSearchCols[10] == 1) {
			$negSearchMerchant[10] = " extraFieldD NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[10] = '';
			}
			if ($negSearchCols[11] == 1) {
			$negSearchMerchant[11] = " extraFieldE NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[11] = '';
			}
		$handler .= rtrim($negSearchMerchant[0].$negSearchMerchant[1].$negSearchMerchant[2].$negSearchMerchant[3].$negSearchMerchant[4].$negSearchMerchant[5].$negSearchMerchant[6].$negSearchMerchant[7].$negSearchMerchant[8].$negSearchMerchant[9].$negSearchMerchant[10].$negSearchMerchant[11], ".$searchType.");
			if ($i != $kp-1) {
			$handler .= " ".$searchType." ";
			} else {
			$handler .= "";
			}
		}
	}
	$query_product = "SELECT * FROM affiliSt_products1 WHERE ($handler $sortby";
	break;
	
	// ---------- built nav sub
	case "subcategories":
	// get top level built nav data
	$sql = sprintf("SELECT * FROM affiliSt_categories WHERE id = %s",
	quote_smart($_GET['nc']));
	$getNavC = mysql_query($sql, $databaseConnect) or die(mysql_error());
	$navC = mysql_fetch_assoc($getNavC);
	// get sub level built nav data	
	$sql = sprintf("SELECT * FROM affiliSt_categories WHERE id = %s",
	quote_smart($_GET['nb']));
	$getNavB = mysql_query($sql, $databaseConnect) or die(mysql_error());
	$navB = mysql_fetch_assoc($getNavB);
	// redirect if no result
	if ($navC['name'] == NULL || $navB['name'] == NULL) {
	header("HTTP/1.1 301 Moved Permanently");
	header("Location: {$installDir['value']}");
	}
	// and/or search <- disabled
	if ($navB['searchType'] == 0) {
	$searchType = 'OR';
	} else {
	$searchType = 'AND';
	}
	// binded parent
	if ($navB['bindParent'] == 1) {
	$pieces = explode(",", $navC['keywords']);
	$kp = count($pieces);
	$parentBind .= "AND (";
	// cols to search
	$searchCols = explode(":", $navC['searchCols']);
		for ($i = 0; $i < $kp; $i++) {
		$searchMerchant = array();
			if ($searchCols[0] == 1) {
			$searchMerchant[0] = " merchant LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$searchMerchant[0] = '';
			}
			if ($searchCols[1] == 1) {
			$searchMerchant[1] = " merchantProdID LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$searchMerchant[1] = '';
			}
			if ($searchCols[2] == 1) {
			$searchMerchant[2] = " prodName LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$searchMerchant[2] = '';
			}
			if ($searchCols[3] == 1) {
			$searchMerchant[3] = " prodBrand LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$searchMerchant[3] = '';
			}
			if ($searchCols[4] == 1) {
			$searchMerchant[4] = " prodCategory LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$searchMerchant[4] = '';
			}
			if ($searchCols[5] == 1) {
			$searchMerchant[5] = " prodDescription LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$searchMerchant[5] = '';
			}
			if ($searchCols[6] == 1) {
			$searchMerchant[6] = " prodPromoText LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$searchMerchant[6] = '';
			}
			if ($searchCols[7] == 1) {
			$searchMerchant[7] = " extraFieldA LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$searchMerchant[7] = '';
			}
			if ($searchCols[8] == 1) {
			$searchMerchant[8] = " extraFieldB LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$searchMerchant[8] = '';
			}
			if ($searchCols[9] == 1) {
			$searchMerchant[9] = " extraFieldC LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$searchMerchant[9] = '';
			}
			if ($searchCols[10] == 1) {
			$searchMerchant[10] = " extraFieldD LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$searchMerchant[10] = '';
			}
			if ($searchCols[11] == 1) {
			$searchMerchant[11] = " extraFieldE LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$searchMerchant[11] = '';
			}
		$parentBind .= rtrim($searchMerchant[0].$searchMerchant[1].$searchMerchant[2].$searchMerchant[3].$searchMerchant[4].$searchMerchant[5].$searchMerchant[6].$searchMerchant[7].$searchMerchant[8].$searchMerchant[9].$searchMerchant[10].$searchMerchant[11], ".$searchType.");		
			if ($i != $kp-1) {
			$parentBind .= " ".$searchType." ";
			} else {
			$parentBind .= ")";
			}
		}
		// negative keywords
		if ($navC['negkeywords'] != '') {
		$pieces = explode(",", $navC['negkeywords']);
		$kp = count($pieces);
		// cols to search
		$negSearchCols = explode(":", $navC['negSearchCols']);
		$searchType = 'AND';
		$parentBind .= "AND ";
			for ($i = 0; $i < $kp; $i++) {
			$negSearchMerchant = array();
				if ($negSearchCols[0] == 1) {
				$negSearchMerchant[0] = " merchant NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
				} else {
				$negSearchMerchant[0] = '';
				}
				if ($negSearchCols[1] == 1) {
				$negSearchMerchant[1] = " merchantProdID NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
				} else {
				$negSearchMerchant[1] = '';
				}
				if ($negSearchCols[2] == 1) {
				$negSearchMerchant[2] = " prodName NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
				} else {
				$negSearchMerchant[2] = '';
				}
				if ($negSearchCols[3] == 1) {
				$negSearchMerchant[3] = " prodBrand NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
				} else {
				$negSearchMerchant[3] = '';
				}
				if ($negSearchCols[4] == 1) {
				$negSearchMerchant[4] = " prodCategory NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
				} else {
				$negSearchMerchant[4] = '';
				}
				if ($negSearchCols[5] == 1) {
				$negSearchMerchant[5] = " prodDescription NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
				} else {
				$negSearchMerchant[5] = '';
				}
				if ($negSearchCols[6] == 1) {
				$negSearchMerchant[6] = " prodPromoText NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
				} else {
				$negSearchMerchant[6] = '';
				}
				if ($negSearchCols[7] == 1) {
				$negSearchMerchant[7] = " extraFieldA NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
				} else {
				$negSearchMerchant[7] = '';
				}
				if ($negSearchCols[8] == 1) {
				$negSearchMerchant[8] = " extraFieldB NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
				} else {
				$negSearchMerchant[8] = '';
				}
				if ($negSearchCols[9] == 1) {
				$negSearchMerchant[9] = " extraFieldC NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
				} else {
				$searchMerchant[9] = '';
				}
				if ($negSearchCols[10] == 1) {
				$negSearchMerchant[10] = " extraFieldD NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
				} else {
				$negSearchMerchant[10] = '';
				}
				if ($negSearchCols[11] == 1) {
				$negSearchMerchant[11] = " extraFieldE NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
				} else {
				$negSearchMerchant[11] = '';
				}
			$parentBind .= rtrim($negSearchMerchant[0].$negSearchMerchant[1].$negSearchMerchant[2].$negSearchMerchant[3].$negSearchMerchant[4].$negSearchMerchant[5].$negSearchMerchant[6].$negSearchMerchant[7].$negSearchMerchant[8].$negSearchMerchant[9].$negSearchMerchant[10].$negSearchMerchant[11], ".$searchType.");
				if ($i != $kp-1) {
				$parentBind .= " ".$searchType." ";
				} else {
				$parentBind .= "";
				}
				
			}
		}
	} else {
	$parentBind = '';
	}
	// and/or search <- disabled
	if ($navB['searchType'] == 0) {
	$searchType = 'OR';
	} else {
	$searchType = 'AND';
	}
	// explode subnav keywords
	$pieces = explode(",", $navB['keywords']);
	$kp = count($pieces);
	// cols to search for subnav
	$searchCols = explode(":", $navB['searchCols']);
	for ($i = 0; $i < $kp; $i++) {
	$searchMerchant = array();
		if ($searchCols[0] == 1) {
		$searchMerchant[0] = " merchant LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[0] = '';
		}
		if ($searchCols[1] == 1) {
		$searchMerchant[1] = " merchantProdID LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[1] = '';
		}
		if ($searchCols[2] == 1) {
		$searchMerchant[2] = " prodName LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[2] = '';
		}
		if ($searchCols[3] == 1) {
		$searchMerchant[3] = " prodBrand LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[3] = '';
		}
		if ($searchCols[4] == 1) {
		$searchMerchant[4] = " prodCategory LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[4] = '';
		}
		if ($searchCols[5] == 1) {
		$searchMerchant[5] = " prodDescription LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[5] = '';
		}
		if ($searchCols[6] == 1) {
		$searchMerchant[6] = " prodPromoText LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[6] = '';
		}
		if ($searchCols[7] == 1) {
		$searchMerchant[7] = " extraFieldA LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[7] = '';
		}
		if ($searchCols[8] == 1) {
		$searchMerchant[8] = " extraFieldB LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[8] = '';
		}
		if ($searchCols[9] == 1) {
		$searchMerchant[9] = " extraFieldC LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[9] = '';
		}
		if ($searchCols[10] == 1) {
		$searchMerchant[10] = " extraFieldD LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[10] = '';
		}
		if ($searchCols[11] == 1) {
		$searchMerchant[11] = " extraFieldE LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
		} else {
		$searchMerchant[11] = '';
		}
	$handler .= rtrim($searchMerchant[0].$searchMerchant[1].$searchMerchant[2].$searchMerchant[3].$searchMerchant[4].$searchMerchant[5].$searchMerchant[6].$searchMerchant[7].$searchMerchant[8].$searchMerchant[9].$searchMerchant[10].$searchMerchant[11], ".$searchType.");
		if ($i != $kp-1) {
		$handler .= " ".$searchType." ";
		} else {
		$handler .= ") $parentBind AND (prodPrice BETWEEN ".$navB['priceFrom']." AND ".$navB['priceLimit'].") ";
		}
	}
	// negative keywords for subnav
	if ($navB['negkeywords'] != '') {
	$pieces = explode(",", $navB['negkeywords']);
	$kp = count($pieces);
	// negative cols to search for subnav
	$negSearchCols = explode(":", $navC['negSearchCols']);
	$searchType = 'AND';
	$handler .= "AND ";
		for ($i = 0; $i < $kp; $i++) {
		$negSearchMerchant = array();
			if ($negSearchCols[0] == 1) {
			$negSearchMerchant[0] = " merchant NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[0] = '';
			}
			if ($negSearchCols[1] == 1) {
			$negSearchMerchant[1] = " merchantProdID NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[1] = '';
			}
			if ($negSearchCols[2] == 1) {
			$negSearchMerchant[2] = " prodName NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[2] = '';
			}
			if ($negSearchCols[3] == 1) {
			$negSearchMerchant[3] = " prodBrand NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[3] = '';
			}
			if ($negSearchCols[4] == 1) {
			$negSearchMerchant[4] = " prodCategory NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[4] = '';
			}
			if ($negSearchCols[5] == 1) {
			$negSearchMerchant[5] = " prodDescription NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[5] = '';
			}
			if ($negSearchCols[6] == 1) {
			$negSearchMerchant[6] = " prodPromoText NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[6] = '';
			}
			if ($negSearchCols[7] == 1) {
			$negSearchMerchant[7] = " extraFieldA NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[7] = '';
			}
			if ($negSearchCols[8] == 1) {
			$negSearchMerchant[8] = " extraFieldB NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[8] = '';
			}
			if ($negSearchCols[9] == 1) {
			$negSearchMerchant[9] = " extraFieldC NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$searchMerchant[9] = '';
			}
			if ($negSearchCols[10] == 1) {
			$negSearchMerchant[10] = " extraFieldD NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[10] = '';
			}
			if ($negSearchCols[11] == 1) {
			$negSearchMerchant[11] = " extraFieldE NOT LIKE '%".noquote_smart($pieces[$i])."%' ".$searchType;
			} else {
			$negSearchMerchant[11] = '';
			}
		$handler .= rtrim($negSearchMerchant[0].$negSearchMerchant[1].$negSearchMerchant[2].$negSearchMerchant[3].$negSearchMerchant[4].$negSearchMerchant[5].$negSearchMerchant[6].$negSearchMerchant[7].$negSearchMerchant[8].$negSearchMerchant[9].$negSearchMerchant[10].$negSearchMerchant[11], ".$searchType.");
					
			if ($i != $kp-1) {
			$handler .= " ".$searchType." ";
			} else {
			$handler .= "";
			}
		}
	}
	$query_product = "SELECT * FROM affiliSt_products1 WHERE ($handler $sortby";
	break;
	
	// ---------- links
	case "links":
	$query_product = "no";
	break;
	
	// ---------- page top
	case "page":
	$query_product = "no";
	// get page details	
	$thePage = $_GET['page'];
	$sql =  sprintf("SELECT tblParent.name AS parent_name,tblParent.id AS parent_id,tblChild.* FROM affiliSt_pages AS tblChild LEFT JOIN affiliSt_pages AS tblParent ON tblChild.parent = tblParent.id WHERE tblChild.id = %s",
	quote_smart($thePage));
	$getPageDetails = mysql_query($sql, $databaseConnect) or die(mysql_error());
	$pageDetails = mysql_fetch_assoc($getPageDetails);
	break;
	
	// ---------- page sub
	case "subpage":
	$query_product = "no";
	// get page details	
	$thePage = $_GET['page'];
	$sql =  sprintf("SELECT * FROM affiliSt_pages WHERE id = %s",
	quote_smart($thePage));
	$getPageDetails = mysql_query($sql, $databaseConnect) or die(mysql_error());
	$pageDetails = mysql_fetch_assoc($getPageDetails);
	// get page details	
	$theSubPage = $_GET['subpage'];
	$sql =  sprintf("SELECT * FROM affiliSt_pages WHERE id = %s",
	quote_smart($theSubPage));
	$getSubPageDetails = mysql_query($sql, $databaseConnect) or die(mysql_error());
	$pageSubDetails = mysql_fetch_assoc($getSubPageDetails);
	break;
	
	// ---------- news homepage
	case "news":
	$query_product = "no";
	// pagination
	$limit = $pPerPage[3];
	$sql = "SELECT COUNT(id) FROM affiliSt_news";
	$totalrows = mysql_result(mysql_query($sql),0);
	$npage = $_GET['npage'];
		if ($navOpt[7] == 1) {
		// html perma
		$currentNewsPage = $installDir['value'].'news/';
		} else {
		// php link
		$currentNewsPage = $_SERVER["PHP_SELF"].'?case=news&npag=home';
		}
		if(empty($npage)){
		$npage = 1;
		}
	$limitvalue = $npage * $limit - ($limit);
	// page numbers
	$numofpages = $totalrows / $limit;
		if ($numofpages > 1) {
		$lholder = '<div id="pagLinks" style="color:#cccccc;">';
		// previous page link
			if($npage != 1){ 
			$pageprev = $npage - 1;
				if ($navOpt[7] == 1) {
				// html perma
				$lholder .= '<a href="'.$currentNewsPage.$pageprev.'/home.html">Previous</a> ';  
				} else {
				// php link
				$lholder .= '<a href="'.$currentNewsPage.'&npage='.$pageprev.'">Previous</a> ';  
				}
			}else{
			$lholder .= '<span style="color:#333333;">Previous</span> ';
			}
			for($i = 1; $i <= $numofpages; $i++){
				if($i == $npage){
				$lholder .= '| <span style="color:#333333;">'.$i.'</span> ';
				}else{
					if ($navOpt[7] == 1) {
					// html perma
					$lholder .= '| <a href="'.$currentNewsPage.$i.'/home.html">'.$i.'</a> ';
					} else {
					// php link
					$lholder .= '| <a href="'.$currentNewsPage.'&npage='.$i.'">'.$i.'</a> ';
					}
				}
			}
			// check for remainder results with %
			if(($totalrows % $limit) != 0){
				if($i == $npage){
				$lholder .= '| <span style="color:#333333;">'.$i.'</span> ';
				}else{
					if ($navOpt[7] == 1) {
					// html perma
					$lholder .= '| <a href="'.$currentNewsPage.$i.'/home.html">'.$i.'</a> ';
					} else {
					// php link
					$lholder .= '| <a href="'.$currentNewsPage.'&npage='.$i.'">'.$i.'</a> ';
					}
				}
			}
			// next page link
			if(($totalrows - ($limit * $npage)) > 0){
			$pagenext = $npage + 1;
				if ($navOpt[7] == 1) {
				// html perma
				$lholder .= '| <a href="'.$currentNewsPage.$pagenext.'/home.html">Next</a>'; 
				} else {
				// php link
				$lholder .= '| <a href="'.$currentNewsPage.'&npage='.$pagenext.'">Next</a>';   
				}
			}else{
			$lholder .= '| <span style="color:#333333;">Next</span>'; 
			}
		$lholder .= '</div>';
		}
	// news listing
	$getNews = mysql_query("SELECT * FROM affiliSt_news ORDER BY timestamp DESC,id DESC LIMIT $limitvalue, $limit");
	$newsItemsAll = mysql_fetch_assoc($getNews);
	break;
	
	// ---------- news item
	case "newsitem":
	$query_product = "no";
	$sql =  sprintf("SELECT * FROM affiliSt_news WHERE id = %s",
	quote_smart($_GET['npag']));
	$getNews = mysql_query($sql, $databaseConnect) or die(mysql_error());
	$newsItemsSingle = mysql_fetch_assoc($getNews);
	break;
	
	// ---------- merchant comments
	case "stores":
	$query_product = "no";
	break;
	
	// ---------- homepage and default setting
	default:
	$query_product = "no";
	// get page details	
	$thePage = 1;
	$sql =  sprintf("SELECT * FROM affiliSt_pages WHERE id = %s",
	quote_smart($thePage));
	$getPageDetails = mysql_query($sql, $databaseConnect) or die(mysql_error());
	$pageDetails = mysql_fetch_assoc($getPageDetails);
	
	// end switch ->
	}

if ($query_product != "no") {
$query_limit_product = sprintf("%s LIMIT %d, %d", $query_product, noquote_smart($startRow_product), noquote_smart($maxRows_product));
$product = mysql_query($query_limit_product, $databaseConnect) or die(mysql_error());
$row_product = mysql_fetch_assoc($product);

$all_product = mysql_query($query_product);
$totalRows_product = mysql_num_rows($all_product);
$totalPages_product = ceil($totalRows_product/$maxRows_product)-1;

$queryString_product = "";
	if (!empty($_SERVER['QUERY_STRING'])) {
	  $params = explode("&", $_SERVER['QUERY_STRING']);
	  $newParams = array();
	  foreach ($params as $param) {
		if (stristr($param, "pageNum_product") == false && 
			stristr($param, "totalRows_product") == false) {
		  array_push($newParams, $param);
		}
	  }
	  if (count($newParams) != 0) {
		$queryString_product = "&" . htmlentities(implode("&", $newParams));
	  }
	}
$queryString_product = sprintf("%s", $queryString_product);
}

// get skin value
$getConfigSkin = mysql_query("SELECT value FROM affiliSt_config WHERE name = 'adSkinURL'");
$configSkin = mysql_fetch_assoc($getConfigSkin);
?>